Authorized access in Timetracker for TFS and VSTS has different implementations. Please use the proper approach.
Authorized Access in Timetracker for VSTS
For authorized access to Timetracker’s API, we use OAuth 2.0 Authorization Framework. OAuth 2.0 supports the following grants (by grants, we mean ways of retrieving an access token):
- Authorization Code Flow is the way that we initially obtain an access token.
For more information on the OAuth 2.0 Authorization Code Flow, see section 4.1 of the OAuth 2.0 specification: https://tools.ietf.org/html/rfc6749#section-4.1.
- RefreshTokens is the way we update expired access tokens.
For more information on Refresh Tokens, see section 1.5: https://tools.ietf.org/html/rfc6749#section-1.5.
Note: Please use OpenApi as client_id to authorize any external application.
Authorized Access in Timetracker for TFS
To use Timetracker REST/SignalR API in TFS environment you don’t need tokens. All requests must be authorized with NTLM authorization.
To see details on authorizing access to API please see our documentation: https://www.7pace.com/redir/api-auth
Timetracker has this set of APIs:
- RESTful API
- OData API
For an introduction to SignalR , please see: (https://docs.microsoft.com/en-us/aspnet/signalr/overview/getting-started/introduction-to-signalr)